package com.work.helper;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.firewall.HttpFirewall;
import org.springframework.security.web.firewall.StrictHttpFirewall;

import java.util.Arrays;

/**
 * @作者 江南一点雨
 * @微信公众号 江南一点雨
 * @网站 http://www.itboyhub.com
 * @国际站 http://www.javaboy.org
 * @微信 a_java_boy
 * @GitHub https://github.com/lenve
 * @Gitee https://gitee.com/lenve
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean
    HttpFirewall httpFirewall() {
        StrictHttpFirewall firewall = new StrictHttpFirewall();
        // firewall.setAllowUrlEncodedDoubleSlash(true); // 希望请求地址中可以出现 //
        // firewall.setAllowUrlEncodedPercent(true); // 希望请求地址中可以出现 %
        // firewall.setAllowBackSlash(true); // 希望出现/
        // firewall.setAllowUrlEncodedSlash(true); // 希望出现 \
        // firewall.setAllowUrlEncodedPeriod(true); // 希望出现 .
        firewall.setAllowSemicolon(true);
        return firewall;
    }

}
